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TITLE: Systems and methods"f dTsecure transaction management and electronic rights 
protection 
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Brief Summary Text (142) : 

VDE allows the needs of electronic commerce participants to be served and it can 
bind such participants together in a universe wide, trusted commercial network that 
can be secure enough to support very large amounts of commerce. VDE ' s security and 
metering secure subsystem core will be present at all physical locations where VDE 
related content is (a) assigned usage related control information (rules and 
mediating data), and/or (b) used. This core can perform jejy^ty_an_d_audi ting 
functions (including metering) that operate within a ^vrrfiiaT^ black box, " a 
collection of distributed, very secure VDE related hardware^instances^hat are 
interconnected by secured information exchange (for example, telecommunication) 
processes and distributed database means. VDE further includes highly configurable 
transaction operating system technology, one or more associated libraries of load 
modules along with affiliated data, VDE related administration, data preparation, 
and analysis applications, as well as system software designed to enable VDE 
integration into host environments and applications. VDE's usage control 
information, for example, provide for property content and/or appliance related: 
usage authorization, usage auditing (which may include audit reduction) , usage 
billing, usage payment, privacy filtering, reporting, and security related 
communication and encrypt -i on techniques. 

Dfitailpfi nf>flrr"ipM on Tpyf- (1759) : 

Delivery of audit reports through a path of handling may be in part insured by an 
inverse (return of information) audit method. Many VDE methods have at least two 
pieces: a portion that manages the process of producing audit information at a 
user's VDE node; and a portion that subsequently acts on audit data. In an example 
of the handling of audit information bound for a plurality of auditors, a single 
container object is recelved_at_a_clearinghouse (or other auditor) . This container 
may contain (a) certain N encryptfid audit inf ormation-that^ is for the use of the 
clearinghouse itself, and (Uncertain other eric ryp ted_audi t information bound for 
other one or more auditor parties. The two sets - of information may have the same, 
overlapping and in part different, or entirely different, information content. 
Alternatively, the clearinghouse VDE node may be able to work with some or all of 
the provided audit information. The audit information may be, in part, or whole, in 
some summary and/or analyzed form further processed at the clearinghouse and/or may 
be combined with other information to form a, at least in part, derived set of 
information and inserted into one or more at least in part secure VDE objects to be 
communicated to said one or more (further) auditor parties. When an audit 
information container is securely processed at said clearinghouse VDE node by said 
inverse (return) audit method, the clearinghouse VDE node can create one or more VDE 
administrative objects for securely carrying audit information to other auditors 
while separately processing the secure audit information that is specified for use 
by said clearinghouse. Secure audit processes and credit inf omation^distribution 
between VDE participants normally takes place within the secure VDE "hi ark hoy' 
that is processes are securely processed within secure VDE PPE650 an^imdit" 
information is securely communicated between the VDE secure subsystems~of^vDE 
partj^ipants employing VDE secure communication techniques ( ^ - g ^ v pnh1 i o kgy \ 
encrypt-ion^ and authentication) . 
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ABSTRACT : 

The present invention provides systems and methods for secure transaction management 
and electronic rights protection. Electronic appliances such as computers equipped 
in accordance with the present invention help to ensure that information is accessed 
and used only in authorized ways, and maintain the integrity, availability, and/or 
confidentiality of the information. Such electronic appliances provide a distributed 
virtual distribution environment (VDE) that may enforce a secure chain of handling 
and control, for example, to control and/or meter or otherwise monitor use of 
electronically stored or disseminated information. Such a virtual distribution 
environment may be used to protect rights of various participants in electronic 
commerce and other electronic or electronic-facilitated transactions. Distributed 
and other operating systems, environments and architectures, such as, for example, 
those using tamper- resistant hardware -based processors, may establish security at 
each node. These techniques may be used to support an all-electronic information 
distribution, for example, utilizing the "electronic highway." 

72 Claims, 155 Drawing figures 
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Brief Summary Text (142) : 

VDE allows the needs of electronic commerce participants to be served and it can 
bind such participants together in a universe wide, trusted commercial network that 
can be secure enough to support very large amounts of commerce. VDE's security and 
metering secure subsystem core will be present at all physical locations where VDE 
related content is (a) assigned usage related control information (rules and 
mediating data) , and/or (b) used. This core can perform security and auditing 
functions (including metering) that operate within a "virtual black box, " a 
collection of distributed, very secure VDE related hardware instances that are 
interconnected by secured information exchange (for example, telecommunication) 
processes and distributed database means. VDE further includes highly configurable 
transaction operating system technology, one or more associated libraries : of load 
modules along with affiliated data, VDE related administration, data preparation, 
and analysis applications, as well as system software designed to enable VDE 
integration into host environments and applications. VDE's usage control 
information, for example, provide for property content and/or appliance related: 
usage authorization, usage auditing (which may include audit reduction) , usage 
billing, usage payment, privacy filtering, reporting, and security related 
communication and encrypt ion techniques. 

Detailed Description Text (1764) : 

Delivery of audit reports through a path of handling may be in part insured by an 
inverse (return of information) audit method. Many VDE methods have at least two 
pieces: a portion that manages the process of producing audit information at a 
user's VDE node; and a portion that subsequently acts on audit data. In an example 
of the handling of audit information bound for a plurality of auditors, a single 
container object is received at a clearinghouse (or other auditor) . This container 
may contain (a) certain pnrrypi-.p^ audit information that is for the use of the 
clearinghouse itself, and (b) certain other encrypted audit information bound for 
other one or more auditor parties. The two sets of information may have the same, 
overlapping and in part different, or entirely different, information content. 
Alternatively, the clearinghouse VDE node may be able to work with some or all of 
the provided audit information. The audit information may be, in part, or whole, in 
some summary and/or analyzed form further processed at the clearinghouse and/or may 
be combined with other information to form a, at least in part, derived set of 
information and inserted into one or more at least in part secure VDE objects to be 
communicated to said one or more (further) auditor parties. When an audit 
information container is securely processed at said clearinghouse VDE node by said 
inverse (return) audit method, the clearinghouse VDE node can create one or more VDE 
administrative objects for securely carrying audit information to other auditors 
while separately processing the secure audit information that is specified for use 
by said clearinghouse. Secure audit processes and credit information distribution 
between VDE participants normally takes place within the secure VDE "black- hoy r " 
that is processes are securely processed within secure VDE PPE650 and audit 
information is securely communicated between the VDE secure subsystems of vDE 
participants employing VDE secure communication techniques (e.g., puhl i r, key 
encryption, and authentication) . 
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